Current Key Persons
The following members are listed as key persons. In the case of an urgent emergency try to contact the keypersons-mailing list , or one of those members.
Critical Admins: Dirk
Physical Access: Hans, (Bas, Stefan, Rudi)
- Secure-u: Board contacts
Persons in () were asked but did not respond with their data, they are meant to be on the list. Two persens on the list currently do not get the data on their own request.
Procedure for maintenance of the Key Persons List
According to the Security Policy section 6.4 the Board must maintain a Key Persons List with all contact information needed in case a disaster recovery is needed. This page describes how this list is constructed, maintained and made available even if CAcert's core infrastructure is not available.
Who should be on the list
The following people are meant to be on the Key Persons List:
- board members
- arbitrators: all active (at least three)
- critical system administrators: all (at least: team leader + one backup)
- infrastructure system administrators: at least two (all systems should be covered if possible twice)
- software assessors: at least two active, if possible team leader
- support team: at least two active
- secure-u access engineers: all
Not essencial but possible:
- public relations officer
The following roles are currently not available but may be added if available:
- application development team leader + one backup
- privacy officer
- security officer
Additionally contact data for secure-u should be added, if possible. Secure-u board may be added on their request.
The decision about who is on the list lies in the hand of the maintainer of the list but should be coordinated with board and teams.
Which contact information should be maintained
The following contact information should be maintained for each list member:
- email addresses (in particular addresses which are not dependent on CAcert's infrastructure)
- business telephone number(s)
- private telephone number(s)
- mobile telephone number(s)
- physical address(es) [optional]
- chat handles [Skype, (non-CAcert) IRC, Jabber, MSN, etc.]
- indication of best contact method(s)
- anything else the member considers to be relevant
How to collect the information
The board designates a person (can be a board member, but can also be one of the other key persons) who is responsible for collecting the stated contact information from each key person on the list. Collection will be generally by emailing each list member with a request to supply his/her personal contact information, and a request to supply an update whenever something changes. The collector compiles all received contact information in a single overview ready for distribution (see below).
Each key person is also asked to provide a CARS that he/she will only use the data from the key persons list for CAcert desaster recovery reasons. This can be updated to include also management, distribution and furhter handling of the key persons list or anything else directly related to the purpose of the collection of the data.
If a key person cannot give such a statement, the other key persons have to be asked for there consent before that person is provided with the data.
The collector will poll all key persons to verify whether the contact information is still up-to-date, and apply the updates to the compiled overview.
- of the board, after board elections
- of effected personnel, after significant team changes
- or, every 3 months
How to distribute the information
Because most of this information is likely to be privacy-sensitive for most people, the information will only be distributed to other key people list members with a strict instruction to only use it for purposes of CAcert disaster recovery support.
The collector will send out a complete Key People Contacts list every 3 months by email to all people on the list. This way every list member should have a reasonably up-to-date version of the required information in his mailbox.
A warning should be included for people with a email@example.com address: they should save this message to a location which is not directly dependent on CAcert infrastructure, since that may not be available at the time the list is most needed!
All key persons are asked to handled the data carefully and to consider encryption as long as this does not interfere severly with the availability of the data for each key person.
Leaving Key Persons
If members on the key persons list stop to be active in the roles for which they are on the list, they should be replaced by more active members, if there is no specific reason to keep them on the list.
Any member who is removed from the Key Persons List, should be informed about this step and should be asked to delete the data, as soon as there is no further need to keep it. Their own data should be removed from the next version of the list that is distributed.
Additionally to the key persons list a mailing list can be maintained with all key persons. The key persons data is not meant to be send over this list in normal situations. The mailing list is meant to be used for reporting of possible emergencies and possible desaster recovery.
Anybody should be able to send to that mailing list.
possible mail templates
to be added when available
Updates to the procedure
According to the Security Policy, maintaining the key persons list is a task of board. The board of 2015/2016 has issued motion m20160702.6 about the maintenance of the KPL procedure:
KPL Procedure may be changed by Delegate Resolved, that Eva is delegated the keeper of the KPL, and that this role includes the ability to change the procedure.
Update at 2016-09-09
The procedure was updated via:
- writing a draft of the new procedure (2016-06-06)
- presenting it to board (2016-06-06)
- presenting it to candidates for the key persons list (2016-07-10)
- waiting some time for feedback
- replacing the procedure in the wiki (2016-09-09)
- informing public board mailing list about the update (2016-09-09)
The update was necessary as:
- it was unclear what the correct version was at the time where Eva took over the task because of undocumented changes
- the selection of who should be on the list was found to be not in line with Security Policy requirements
- the prior version required S/MIME usage of all key persons which was not possible for at least one person, again
- the required mail templates were considered too strict and restrictive
- the requirement to delete public keys was found to be ridiculous and not helping to ease the way to contact key persons
- added list of current key persons by team added
- updated list who should be on list brought in line with Security Policy and Security Manual requirements
- declared physical address to be optional
- added request for CARS to use the data only for disaster recovery to data collection process
- removed requirements to provide certificates
- removed requirement to distribute list S/MIME encrypted
- added note that data should be handled carefully, encryption should be considered, as long as it does not interfere severely with availability of data
- removed requirements about mailing list, made it optional, if available it should be visible and accessible for everybody
- clarified handling of leaving members
- removed fixed mail templates
- added section about procedure updates
Inputs & Thoughts
Potential lists of Key People
Text / Your Statements, thoughts and email snippets, Please